VDB

RHSA-2022%3A7401

RHSA-2022%3A7401 PUBLISHED CVSS 7.5 HIGH

A flaw was found in golang. The language package for go language can panic due to an out-of-bounds read when an incorrectly formatted language tag is being parsed. This flaw allows an attacker to cause applications using this package to parse untrusted input data to crash, leading to a denial of service of the affected component.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatopenshift4/ose-ovn-kubernetes@sha256:c31c042a84336d660c52b3e299d07b3fde9519533f18de552d36d497c470285f_s390x as a component of Red Hat OpenShift Container Platform 4.12*
Red Hatopenshift4/frr-rhel8@sha256:2837b4e29c60cbfe258d7ec7712169e2cbbf6b379ac50df93967f8267f033bfe_s390x as a component of Red Hat OpenShift Container Platform 4.12openshift4/frr-rhel8@sha256:2837b4e29c60cbfe258d7ec7712169e2cbbf6b379ac50df93967f8267f033bfe_s390x
Red Hatopenshift4/ose-csi-livenessprobe@sha256:18c270911e86939e87f046262e1afacc6fe0a89b706eac94c843da34243f0ac9_s390x as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-csi-livenessprobe@sha256:18c270911e86939e87f046262e1afacc6fe0a89b706eac94c843da34243f0ac9_s390x
Red Hatopenshift4/kubernetes-nmstate-rhel8-operator@sha256:0680faf3bddebf47102800e9088e163d20e53e1a428aef6ca84b76b7c198ec39_arm64 as a component of Red Hat OpenShift Container Platform 4.12*
Red Hatopenshift4/ose-node-feature-discovery@sha256:0247b7cebeb1041620f5715f0fad36e78e410b3f3f48a5e83dcfdbb207e9d4aa_amd64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-node-feature-discovery@sha256:0247b7cebeb1041620f5715f0fad36e78e410b3f3f48a5e83dcfdbb207e9d4aa_amd64
Red Hatopenshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:52f47b61f0f2fbbd7657ee3ef59f01677d0e316237edd4c9577f672667f1c139_arm64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:52f47b61f0f2fbbd7657ee3ef59f01677d0e316237edd4c9577f672667f1c139_arm64
Red Hatopenshift4/ose-ovn-kubernetes@sha256:91ef4be90e188e7a1a907f2e8846ed88148fdf8dde9594b9753548eaa84835c6_arm64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-ovn-kubernetes@sha256:91ef4be90e188e7a1a907f2e8846ed88148fdf8dde9594b9753548eaa84835c6_arm64
Red Hatopenshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:e0d78d2a1c96d667ef387f00c661c1960e29f621f3c2a239c698b36ad63e68d9_amd64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:e0d78d2a1c96d667ef387f00c661c1960e29f621f3c2a239c698b36ad63e68d9_amd64
Red Hatopenshift4/ose-clusterresourceoverride-rhel8-operator@sha256:b6fad4943188a9fb922f8b41c02bdf0c62da229ae172e052baf287a8677aad14_ppc64le as a component of Red Hat OpenShift Container Platform 4.12*
Red Hatopenshift4/ose-cluster-kube-descheduler-operator-bundle@sha256:d81add28173a8b2172f1596645c0901146533462e6e6d3b8d8baa442dd6b6d72_amd64 as a component of Red Hat OpenShift Container Platform 4.12*
Red Hatopenshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:d033c6a326b499e1c519f28f577e15c1ec2d0d75ef19e34f4ae9aec5df81a37f_s390x as a component of Red Hat OpenShift Container Platform 4.12*
Red Hatopenshift4/ose-clusterresourceoverride-rhel8@sha256:bf33ee424f3666cceef9ae399ca377340abee9bc6cfd0b511709beed6060d9af_ppc64le as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-clusterresourceoverride-rhel8@sha256:bf33ee424f3666cceef9ae399ca377340abee9bc6cfd0b511709beed6060d9af_ppc64le
Red Hatopenshift4/ose-sriov-dp-admission-controller@sha256:2f38a408a6fee4740f1d0a24a2f7b02e934e1c63e01c7e6db6611ab7d5efc0ec_amd64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-sriov-dp-admission-controller@sha256:2f38a408a6fee4740f1d0a24a2f7b02e934e1c63e01c7e6db6611ab7d5efc0ec_amd64
Red Hatopenshift4/ose-cluster-kube-descheduler-operator-metadata@sha256:d81add28173a8b2172f1596645c0901146533462e6e6d3b8d8baa442dd6b6d72_amd64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-cluster-kube-descheduler-operator-metadata@sha256:d81add28173a8b2172f1596645c0901146533462e6e6d3b8d8baa442dd6b6d72_amd64
Red Hatopenshift4/ose-clusterresourceoverride-rhel8-operator@sha256:06e72c8de47c5e602b12f8835eccca638b7177744bc9a040a6d5a08095c07273_amd64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:06e72c8de47c5e602b12f8835eccca638b7177744bc9a040a6d5a08095c07273_amd64
Red Hatopenshift4/ose-local-storage-operator-bundle@sha256:3f29a372de62d4182611577b98d7564f1b41a48d34f8bba19913f08b8e88e96c_amd64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-local-storage-operator-bundle@sha256:3f29a372de62d4182611577b98d7564f1b41a48d34f8bba19913f08b8e88e96c_amd64
Red Hatopenshift4/ose-csi-node-driver-registrar@sha256:c48ff6738f67ddc4537a9eb6a9087753244fc58c88e23abca4a0018b8121cf6a_arm64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-csi-node-driver-registrar@sha256:c48ff6738f67ddc4537a9eb6a9087753244fc58c88e23abca4a0018b8121cf6a_arm64
Red Hatopenshift4/ose-clusterresourceoverride-rhel8@sha256:fce04709a3d09f0251f1d3f194e64b2c72cc809fd72228dae1b969670c4e3b94_arm64 as a component of Red Hat OpenShift Container Platform 4.12*
Red Hatopenshift4/ose-aws-efs-csi-driver-container-rhel8@sha256:f3c8e8f1d762d80ad185f5f0e0507ce724d36b001a21c9843f0ad65f0fe372d3_amd64 as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-aws-efs-csi-driver-container-rhel8@sha256:f3c8e8f1d762d80ad185f5f0e0507ce724d36b001a21c9843f0ad65f0fe372d3_amd64
Red Hatopenshift4/ose-cloud-event-proxy-rhel8@sha256:8fe8305a0991da4f10370983452eac7ed78c16de299f68e81c7de7018e9fc346_ppc64le as a component of Red Hat OpenShift Container Platform 4.12openshift4/ose-cloud-event-proxy-rhel8@sha256:8fe8305a0991da4f10370983452eac7ed78c16de299f68e81c7de7018e9fc346_ppc64le

…and 346 more

Timeline

  • Jan 17, 2023 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 30, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›